Low uptake of email authentication by financial institutions

The Global Cyber Alliance (GCA), a cybersecurity nonprofit, has announced that only 11 of the top 50 U.S. financial institutions and 9 of the top 50 European financial institutions are actively using the DMARC email authentication standard to block fraudulent emails or mark them as spam. GCA noted that another 32 of these top financial institutions do have DMARC capabilities ready to go, although they have yet to set up the required policies to reject or quarantine emails. In order words, 51% of the top U.S. and European financial institutions have published DMARC policies, but only 37% of that 51% have active policies and are seeing the antispam and anti-phishing benefits DMARC provides. Perhaps somewhat more alarming is that none of the 50 fastest growing independent financial institutions in the U.S. are using the DMARC system.

DMARC is a proven and free open standard system now supported by more than 85% of consumer email accounts.